Not a power user. I got a new Mikrotik router with the latest firmware. I want to use it on my home PC with RDP. On the previous cheap Tenda router, port forwarding worked fine because the settings were simple. I read a lot of manuals/guides about port forwarding in RouterOS and tried to configure this by myself, but nothing happened. I can’t connect from the outside. Can someone please write in detail how to configure this correctly?
/ip firewall nat
add action=dst-nat chain=dstnat comment=“RDP” disabled=no dst-port=3389 protocol=tcp to-addresses=(PRIVATE IP of RDPhost) to-ports=3389
This is as detailed as it can be…
Hi,
I do not recommend exposing the computer’s RDP port to the Internet. Better use VPN.
This year I saw with my eyes two computers from two different companies that were opened to the Internet RDP protocol and both were encrypted by hackers.
On one of the computers the information was vital and the only solution was to pay for the decryption key.
As a mitigating measure you can assign a different port for RDP entry (so for example, the user has to type server.com:44933 instead of just server.com when trying to log on to the session… This won’t deter a determined hacker, but it will get rid of a the vast majority amount of attempts to break in.
In addition, you can also restrict access to the rule to a pre-approved list of IP’s, further minimizing exposure.
I do not recommend exposing the computer’s RDP port to the Internet. Better use VPN.
Exactly…
Never never portforward to an rdp port… even changing the public port just adds 1% more security and nothing more…